Getting Data In

Discussions

Thread Info

Configurations that Filters Existing Orders from AS/400 File

I'm looking to come up with some configurations that filter out existing orders from files I (currently) manually cop...

by SplunkTrust in

Directory monitoring

Is it possible to monitor a directory with Splunk? When I say monitor a directory I am not interested in the contents...

by Path Finder in

SplunkForwarder Version on Windows

Quick question here. We have the SplunkForwarder installed on a couple of Windows servers and need to know what versi...

by Builder in

squid log format slightly changed- would it cause my problem?

I am running squid 3.1 with an almost stock logformat (I modified it to show the fully qualified name of the IP addre...

by Engager in

Login to resource from Universal Forwarder?

Hello, I am trying to get logs sent from a firewall to a Universal Forwarder. To get logs from the Firewall, I need t...

by Contributor in

nullqueue not working

This seems pretty straight forward, but its not working for me. In the indexer/search head. Ive set the following to ...

by Builder in

splunk installation error

I uninstalled Splunk and install it again, the system displayed an error as follow. Splunk install was unable to c...

by New Member in

When to add indexer/forwarder

Hello Splunkers, I came across a page that answered this once but I can't seem to find it again... For best practices...

by Contributor in

Splunk Forwarder Crashes - pthread_create: Resource temporarily unavailable

Our lightweight forwarder has experienced several crashes within the last 5 days... here's what's in the crash log. T...

by Explorer in

Problem in displaying timestmap

Hi , There is a requirement to change the time format from "04/04/14 13:11:37" to "Mon April 04 2014 13:11:37" .I ...

by Explorer in

multiple searches in one graph

Hi, I need to create a graph that contains 2 searches, to compare today's search and last week's search I know there ...

by Path Finder in

Load File At Same Time Everyday Regardless Of Changes

Just as it states. Is there way to monitor a file and reload it everyday even if it has not changed? Only once per da...

by Communicator in

Running 6.1.1 Searchhead with 6.0 Indexers

Aside from the new internal index, are there any issues running a 6.1.1 searchhead with 6.0 indexers? I am trying to ...

by Builder in

Pull data from a script(sh or py) to show in Splunk without indexing

Hi, I need a command like dbquery(dbconnect) which when executed in Splunk searh returns data from a script's outp...

by Path Finder in

Send all Logmessages witch contain DEBUG to /dev/null on splunkforwarder-6.0.3-204106-AIX-powerpc

Cant get DEBUG messages filtered out at all on splunkforwarder. Did create $SPLUNKHOME/etc/system/local/transforms...

by Explorer in

Windows events log monitoring

I need to monitor the windows event logs using the universal forwarder. Please help me out for the below queries:- ...

by Explorer in

How to remove some event from log while indexing..

Hello Everyone, I want to remove some lines from log file while indexing the data. my log file is like date tim...

by Contributor in

input monitor all entries double - how to debug?

Hi, I am indexing a directory on a central syslog server. All entries in the index exist exactly two times with a ...

by Explorer in

Adding cisco switches, (all kinds), to syslog to Splunk

I've tried adding a new UDP data input but it feels like something is missing. I went as far as to cause events on a ...

by New Member in

TIME_FORMAT around midnight

Hi, I need help specifying a TIME_FORMAT in my props.conf file My Log file (OS=Windows) contains date-times like t...

by Explorer in

Getting Data In

Discussions

Configurations that Filters Existing Orders from AS/400 File

Directory monitoring

SplunkForwarder Version on Windows

squid log format slightly changed- would it cause my problem?

Login to resource from Universal Forwarder?

nullqueue not working

splunk installation error

When to add indexer/forwarder

Splunk Forwarder Crashes - pthread_create: Resource temporarily unavailable

Problem in displaying timestmap

multiple searches in one graph

Load File At Same Time Everyday Regardless Of Changes

Running 6.1.1 Searchhead with 6.0 Indexers

Pull data from a script(sh or py) to show in Splunk without indexing

Send all Logmessages witch contain DEBUG to /dev/null on splunkforwarder-6.0.3-204106-AIX-powerpc

Windows events log monitoring

How to remove some event from log while indexing..

input monitor all entries double - how to debug?

Adding cisco switches, (all kinds), to syslog to Splunk

TIME_FORMAT around midnight

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

Calling Python script from Front End

Updating Forwarder Credentials

Anyone used Splunk add-on for servicenow to send d...

Preserve data on disconnected machine

eventgen and outputMode = s2s not working

Getting Data In

Discussions

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >